Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Malicious Software

Kiran Cornelio
Kiran Cornelio July 21, 2020

Dear All,

Below is the message from our IT security team. seek your feedback.

The sourcetree software is a malicious one and It sends http without http header, some Chinese binary in there (may be they have Chinese developers or Chinese variations of the software?)


Kindly request Altassian to confirm if this is safe (meaning untampered) Please provide the sandbox report and the hash below. I will approve as soon as they confirm that it is safe.

 


Spawned process "SourceTreeSetup-3.3.9.exe" (Show Process)
Spawned process "Update.exe" with commandline "--install ." (Show Process)
Spawned process "conhost.exe" with commandline "0x4" (Show Process)
Spawned process "SourceTree.exe" with commandline "--squirrel-install 3.3.9" (Show Process)
Spawned process "SourceTree.exe" with commandline "--squirrel-firstrun" (Show Process)
Spawned process "7z.exe" with commandline "x -o%LOCALAPPDATA%\Atlassian\SourceTree\hg_extras -y %LOCALAPPDATA%\Atlassian\SourceTree\mcmw.zip" (Show Process)
Spawned process "conhost.exe" with commandline "0x4" (Show Process)
Spawned process "Windows10UpgraderApp.exe" with commandline "/Install /ClientID Win10Upgrade:VNL:NHV19:{} /SkipEULA /QuietInstall" (Show Process)
Spawned process "HttpHelper.exe" with commandline ""g.bing.com" "/gwx/vanilla?ts=1595356311425&SQM=d72ccd18955546cebe82dd29eb26e920&GWX=(null)&WU=6a1f90ef80e8436381ba21b68ea8f788&WER=(null)&CS=10&OSVersion=10.0.16299&STG=win10vanillastart&ER=Completed&LANG=1

 

Answer
Watch
Like Dezinify likes this
1820 views

1 answer

1 accepted

0 votes
Answer accepted
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 21, 2020

Hi, welcome to the Community!

While we don't publish a list of md5 hashes for Sourcetree on the actual site, I can confirm the hashes for the 3.3.9 Windows installer for you:

md5 12ad58ccaf4b2eff9a9e76d1b77ea9c9 SourceTreeSetup-3.3.9.exe

sha256 ffaef30ad57ab28aefb4dec307af0bdccdb81a99d1e345f2a7f4030dcc48f874 SourceTreeSetup-3.3.9.exe

In Windows, you can use the Get-FileHash powershell cmdlet to generate the file hashes and compare them against the values I've posted here. By default, it will give you the sha256 hash. You can specify a different hashing algorithm if you want to check md5 also:

Get-FileHash C:\path\to\SourceTreeSetup-3.3.9.exe -Algorithm MD5

Cheers,
Daniel

View More Comments
Kiran Cornelio
Kiran Cornelio July 21, 2020

Dear Daniel,

Thank you for the response. Is this an opensource project or this project is maintained by Atlassian? Just wanted a confirmation that this is a safe product to be installed in the enterprise network.

 

Regards,

Kiran

Like
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 21, 2020

Hi Kiran,

While Sourcetree does contain code from open source libraries (a complete list is available in the Acknowledgements page in the application), the application itself is fully controlled by Atlassian. All development is done by Atlassian employees and we include a step in our build process to scan binaries for malware before the installers can be uploaded to the public website for download.

Cheers!

Like
Kiran Cornelio
Kiran Cornelio July 21, 2020

Thanks Daniel. Appreciate your quick response.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

    See all events